SWE210 Software Security Week 1

KeenTrumpet

30 Questions

What is the goal of an opponent in a passive attack?

Obtain information that is being transmitted

Give an example of a Type 1 passive attack.

Release of Message Contents (e.g., a telephone conversation)

What can an opponent achieve through Traffic Analysis in a passive attack?

Determine the location and identity of communicating hosts, observe the frequency and length of messages being exchanged

What is the goal of an opponent in an active attack?

Modification of the data stream or creation of a false data stream

Give an example of a Type 1 active attack.

Masquerade (one entity pretends to be a different entity)

What happens in a Type 3 active attack involving the modification of messages?

Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect

What is the main goal of security in the context of software?

Protection of systems, data, and resources against unauthorized access, disclosure, alteration, or destruction.

Describe the impact of the Equifax data breach in 2017.

Personal information of approximately 147 million individuals was compromised, including names, Social Security numbers, birth dates, and addresses.

What was the cause of the Equifax data breach in 2017?

The breach stemmed from a vulnerability in Apache Struts, a web application framework used by Equifax.

How was the SolarWinds supply chain attack in 2020 executed?

Attackers compromised SolarWinds' software updates, leading to unauthorized access across organizations.

What were the consequences faced by Equifax after the data breach?

Equifax faced financial and reputational damage, including lawsuits, regulatory investigations, and Congressional hearings.

How did organizations respond to the SolarWinds supply chain attack?

Organizations rushed to patch affected systems and mitigate risks.

What was the cause of the Facebook data leak in 2019?

Vulnerability in Facebook's 'View As' feature

What type of user data was exposed during the Facebook data leak?

Phone numbers, emails, and personal information

How did Facebook respond to the data leak?

Acknowledged the breach, addressed the vulnerability, and notified affected users to review privacy settings

What are the three security goals emphasized in the text?

Confidentiality, Integrity, Availability

Define Passive Attacks.

Attacks that make use of information from the system without affecting system resources.

What is the significance of the CIA triad in cybersecurity?

It ensures confidentiality, integrity, and availability of data and systems.

What is the purpose of a connection-oriented integrity service?

To assure that messages are received as sent with no duplication, insertion, modification, reordering, or replays.

How does a connectionless integrity service differ from a connection-oriented one?

Connectionless integrity service generally provides protection against message modification only.

What does non-repudiation aim to provide in a communication?

Protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

What is the purpose of the 'Origin' aspect of non-repudiation?

Proof that the message was sent by the specified party.

How does encipherment contribute to data security?

It transforms data into a form that is not readily intelligible, using mathematical algorithms.

What is the function of a digital signature in data security?

To prove the source of data and the integrity of data.

What is the definition of risk in cybersecurity?

Risk is the likelihood and potential impact of a threat exploiting a vulnerability to cause harm to an asset.

Give an example of a risk in cybersecurity related to data protection.

Risk of Data Breach: Unauthorized access to sensitive customer information.

Define what an attack is in the context of cybersecurity.

An attack is an intentional or malicious act aimed at exploiting vulnerabilities and compromising the security of an asset or system.

Provide an example of a cybersecurity attack involving deceptive emails.

Phishing Attack: Deceptive emails or messages designed to trick users into revealing sensitive information.

What does mitigation refer to in cybersecurity?

Mitigation refers to the process of reducing the likelihood or impact of potential threats by addressing vulnerabilities and implementing security controls.

How can organizations mitigate cybersecurity risks related to malware?

Installing Antivirus Software: Protecting systems from malware and other malicious software.

Explore the agenda covering the need for security, security goals, attacks, services, mechanisms, terminologies, and more. Learn about security breaches through a case study of the Equifax Data Breach in 2017.
